Hi All,
Been battling with this one now for a while, through a few different versions, and I am pulling my hair out here…. Is there any memory leaks in RPKI???
My RPKI config:
rpki
rpki cache 172.65.0.2 8282 preference 1
rpki cache 172.65.0.2 8283 preference 2
exit
Nothing more, nothing less. RPKI is (not yet) used in any route-maps, policies, etc.
RPKI works absolutely fine. However, when I start bgpd, it has a resident memory size of ~3.6G (fine, considering it’s loading multiple full tables for IPv4 & ipv6). When RPKI isn’t configured, the router is stable,
and memory usage is consistent and constant at ~3.6GB.
However, as soon as RPKI is enabled, bgpd grows about 600MB in resident memory per day. Eventually, the system runs out of memory and bgpd is restarted (which, is obviously bad).
root@MY-LOC-RS01A:~# ps auxxw|grep bgpd
root 802 0.0 0.0 8784 2844 ? S<s Sep26 1:02 /usr/lib/frr/watchfrr -d -F traditional zebra mgmtd bgpd ospfd ospf6d staticd
frr 850 16.8 54.7 4656684 4429752 ? S<sl Sep26 547:23 /usr/lib/frr/bgpd -d -F traditional -A 127.0.0.1 -M rpki -e 10
root 12813 0.0 0.0 6608 2312 pts/2 S+ 17:21 0:00 grep --color=auto bgpd
We’re already at 4.6GB up from 3.6GB when BGP has initially started (2d uptime for the longest BGP peer – see below).
FRR version, and IPv4 BGP Peers (with prefixes):
ZA-CTN-RS01A# sh ver
FRRouting 9.0.1 (MY-LOC-RS01A) on Linux(5.15.0-84-generic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
'--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules'
'--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--localstatedir=/var/run/frr' '--sbindir=/usr/lib/frr' '--sysconfdir=/etc/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr'
'--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--enable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq'
'--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'
IPv4 Unicast Summary (VRF default):
BGP router identifier aaa.bbb.112.164, local AS number xxxxxx vrf-id 0
BGP table version 8318219
RIB entries 1693671, using 310 MiB of memory
Peers 12, using 245 KiB of memory
Dampening enabled.
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
aaa.bbb.112.165 4 xxxxxx 723094 1164605 8318219 0 0 2d05h58m 4 1665344 MY-LOC-RS01B
aaa.bbb.112.240 4 xxxxxx 265406 743205 8318219 0 0 2d05h58m 835450 922653 MY-LOC-TR01A
aaa.bbb.112.241 4 xxxxxx 156145 763504 8318219 0 0 2d05h58m 603608 922653 MY-LOC-TR01B
aaa.bbb.112.242 4 xxxxxx 26776 761874 8318219 0 0 2d05h58m 113141 922653 MY-LOC-PR01A
aaa.bbb.112.243 4 xxxxxx 37609 761874 8318219 0 0 2d05h58m 113141 922653 MY-LOC-PR01B
aaa.bbb.112.244 4 xxxxxx 3241 745167 8318219 0 0 2d05h58m 0 922653 MY-LOC-CR01A
aaa.bbb.112.245 4 xxxxxx 3241 743205 8318219 0 0 2d05h58m 0 922653 MY-LOC-CR01B
aaa.bbb.112.248 4 xxxxxx 384 436702 8318219 0 0 06:16:02 0 922653 MY-LOC-IKE01A
aaa.bbb.112.249 4 xxxxxx 381 306758 8318219 0 0 06:18:32 0 922653 MY-LOC-IKE01B
aaa.bbb.113.151 4 xxxxxx 0 0 0 0 0 never Active 0 MY-LOC-RS01A
aaa.bbb.113.152 4 xxxxxx 0 0 0 0 0 never Active 0 MY-LOC-RS01B
Total number of neighbors 11
Thanks,
Chris.